Training Services

FIPS140-2 High Level Overview and Tutorial

One day tutorial session covering the most important aspects of FIPS140-2
cryptographic module validation.

The course includes an outline of the Cryptographic Module Validation
Program (CMVP) and the interactions between the various parties involved
in module validation.
It contains an overview of the requirements which must be met in order
to attain validation in each of the 14 areas that are part of the derived
test requirements.
Examples of realistic validation documentation are used throughout the course.
The specific approaches for passing the algorithm validation suite in
the Cryptographic Algorithm Validation Suite (CAVS) are covered.

FIPS140-2 Requirements Analysis

Typically this service is provided after the engineering team has
completed the FIPS140-2 High Level Overview and Tutorial.

This one day workshop involves discussion with technical staff as to approaches
for validation of your existing or planned modules. A high level review
of key items which may require design changes and identification of
typical problem areas for existing module validation will be performed.
There is no formal report produced as part of this interactive
workshop. If a more formal and more in depth approach is required then
one of the Development Consulting packages is more appropriate.

Smartcard Technologies and Concepts

An overview of the various technologies used in smartcard systems and
the associated infrastructure components needed to interact with and
effectively deploy smartcard systems.

This two hour workshop provides an overview for developers who are
getting started with smartcard systems and need a framework for
understanding the various technologies.
It includes an overview of the various ISO-7816 standards,
USB CCID, PC/SC, PKCS#15, Javacard, PKCS#11, CryptoAPI, CAC,
OCF, PIV and how each of these are important and interact in the
deployment of smartcard based systems.

Public Key Infrastructure (PKI) Fundamentals

An overview of the technologies used in PKI systems and
strategies needed to interact with and effectively deploy systems
dependant on PKI .

If the presentation is for a Queensland audience then the topic of
the Queensland Government PKI Framework will be included.

If the presentation is for a Australian audience then the topic of
the Federal Government Gatekeeper Framework will be included.
Specific topics include:

Certificate Policies

Certification Practice Statements

Audit Requirements

Authentication and Authorisation (AA) Fundamentals

An overview of the technologies and approaches available for
authentication and authorisation in a multi-vendor environment.

Standards and Technologies

Vendor Product Integration

Federation

Note: A copy of the presentation materials for limited in-house use are
provided. These materials may be used only by the project team involved
in the planned validation and are not for general company use.